TLS: Some redis.conf clarifications.

2020-02-05 18:30:12 +02:00 · 2020-02-05 18:30:12 +02:00 · 1e02d599dc
commit 1e02d599dc
parent 44ac202fbf
1 changed files with 10 additions and 11 deletions
--- a/redis.conf
+++ b/redis.conf
@ -155,23 +155,22 @@ tcp-keepalive 300
 # tls-ca-cert-file ca.crt
 # tls-ca-cert-dir /etc/ssl/certs
-# If TLS/SSL clients are required to authenticate using a client side
+# By default, clients (including replica servers) on a TLS port are required
-# certificate, use this directive.
+# to authenticate using valid client side certificates.
 #
-# Note: this applies to all incoming clients, including replicas.
+# It is possible to disable authentication using this directive.
 #
-# tls-auth-clients yes
+# tls-auth-clients no
-# If TLS/SSL should be used when connecting as a replica to a master, enable
+# By default, a Redis replica does not attempt to establish a TLS connection
-# this configuration directive:
+# with its master.
 #
 # Use the following directive to enable TLS on replication links.
 #
 # tls-replication yes
-# If TLS/SSL should be used for the Redis Cluster bus, enable this configuration
+# By default, the Redis Cluster bus uses a plain TCP connection. To enable
-# directive.
+# TLS for the bus protocol, use the following directive:
 #
 # NOTE: If TLS/SSL is enabled for Cluster Bus, mutual authentication is always
 # enforced.
 #
 # tls-cluster yes